package com.yangxinxin.lesson.shiro;

import com.yangxinxin.lesson.exception.BusinessException;
import com.yangxinxin.lesson.service.RedisService;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.springframework.beans.factory.annotation.Autowired;
/** @Author yangxinxin
 * @Description //TODO
 * @Date 15:20 2020/3/1
 * @Param
 * @return
 **/
//认证器的核心
public class CustomHashedCredentialsMatcher extends HashedCredentialsMatcher {
    @Autowired
    private RedisService redisService;
    @Override
    public boolean doCredentialsMatch(AuthenticationToken token, AuthenticationInfo info) {
        CustomPasswordToken customPasswordToken= (CustomPasswordToken) token;
        String sessionId= (String) customPasswordToken.getPrincipal();
        if(!redisService.hasKey(sessionId)){
            throw new BusinessException(4010001,"用户授权信息无效请重新登录，请刷新token");
        }
        return true;//认证通过
    }
}
